| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250401090631.8103-1-liuhangbin@gmail.com>
Date: Tue, 1 Apr 2025 09:06:31 +0000
From: Hangbin Liu <liuhangbin@...il.com>
To: netdev@...r.kernel.org
Cc: Jay Vosburgh <jv@...sburgh.net>,
Andrew Lunn <andrew+netdev@...n.ch>,
"David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>,
Nikolay Aleksandrov <razor@...ckwall.org>,
Simon Horman <horms@...nel.org>,
Cosmin Ratiu <cratiu@...dia.com>,
linux-kernel@...r.kernel.org,
Hangbin Liu <liuhangbin@...il.com>
Subject: [PATCHv2 net] bonding: use permanent address for MAC swapping if device address is same
Similar with a951bc1e6ba5 ("bonding: correct the MAC address for "follow"
fail_over_mac policy"). The fail_over_mac follow mode requires the formerly
active slave to swap MAC addresses with the newly active slave during
failover. However, the slave's MAC address can be same under certain
conditions:
1) ip link set eth0 master bond0
bond0 adopts eth0's MAC address (MAC0).
1) ip link set eth1 master bond0
eth1 is added as a backup with its own MAC (MAC1).
3) ip link set eth0 nomaster
eth0 is released and restores its MAC (MAC0).
eth1 becomes the active slave, and bond0 assigns MAC0 to eth1.
4) ip link set eth0 master bond0
eth0 is re-added to bond0, but both eth0 and eth1 now have MAC0,
breaking the follow policy.
To resolve this issue, we need to swap the new active slave’s permanent
MAC address with the old one. The new active slave then uses the old
dev_addr, ensuring that it matches the bond address. After the fix:
5) ip link set bond0 type bond active_slave eth0
dev_addr is the same, swap old active eth1's MAC (MAC0) with eth0.
Swap new active eth0's permanent MAC (MAC0) to eth1.
MAC addresses remain unchanged.
6) ip link set bond0 type bond active_slave eth1
dev_addr is the same, swap the old active eth0's MAC (MAC0) with eth1.
Swap new active eth1's permanent MAC (MAC1) to eth0.
The MAC addresses are now correctly differentiated.
Fixes: 3915c1e8634a ("bonding: Add "follow" option to fail_over_mac")
Signed-off-by: Hangbin Liu <liuhangbin@...il.com>
---
v2: use memcmp directly instead of adding a redundant helper (Jakub Kicinski)
---
drivers/net/bonding/bond_main.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c
index e45bba240cbc..1e343d8fafa0 100644
--- a/drivers/net/bonding/bond_main.c
+++ b/drivers/net/bonding/bond_main.c
@@ -1107,8 +1107,13 @@ static void bond_do_fail_over_mac(struct bonding *bond,
old_active = bond_get_old_active(bond, new_active);
if (old_active) {
- bond_hw_addr_copy(tmp_mac, new_active->dev->dev_addr,
- new_active->dev->addr_len);
+ if (memcmp(old_active->dev->dev_addr, new_active->dev->dev_addr,
+ new_active->dev->addr_len) == 0)
+ bond_hw_addr_copy(tmp_mac, new_active->perm_hwaddr,
+ new_active->dev->addr_len);
+ else
+ bond_hw_addr_copy(tmp_mac, new_active->dev->dev_addr,
+ new_active->dev->addr_len);
bond_hw_addr_copy(ss.__data,
old_active->dev->dev_addr,
old_active->dev->addr_len);
--
2.46.0
Powered by blists - more mailing lists